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Abstract. Brizolis asked the question: does every prime p have a pair (g, h) 
such that /i is a fixed point for the discrete logarithm with base g? The first 
author previously extended this question to ask about not only fixed points 
but also two-cycles, and gave heuristics (building on work of Zhang, Cobeli, 
Zaharescu, Campbell, and Pomerance) for estimating the number of such pairs 
given certain conditions on g and h. In this paper we extend these heuristics 
and prove results for some of them, building again on the aforementioned work. 
We also make some new conjectures and prove some average versions of the 
results. 



1. Introduction and Statement of the Basic Equations 

Paragraph F9 of 5^ includes the foUowing problem, attributed to Brizolis: given 
a prime p > 3, is there always a pair {g, h) such that g is a primitive root of p, 
1 < h < p — 1, and 

(1) / = /i mod p ? 

In other words, is there always a primitive root g such that the discrete logarithm 
logg has a fixed point? As we shall see, Zhang (^]) not only answered the question 
for sufficiently large p, but also estimated the number N(j>) of pairs (g, h) which 
satisfy the equation, have g a primitive root, and also have h a primitive root which 
thus must be relatively prime to p — 1. This result seems to have been discovered 
and proved by Zhang in ^H] and later, independently, by Cobeli and Zaharescu 
in Campbell and Pomerance (JJ) made the value of "sufficiently large" small 
enough that they were able to use a direct search to affirmatively answer Brizolis' 
original question. As in !B|, we will also consider a number of variations involving 
side conditions on g and h. 

In 1^, the first author also investigated the two-cycles of log^, that is the pairs 
{g, h) such that there is some a between 1 and p — 1 such that 

(2) g^ = a mod p and g"^ = h mod p. 
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As we observed, attacking ^ directly requires the simultaneous solution of two 
modular equations, presenting both computational and theoretical difficulties. When- 
ever possible, therefore, we instead work with the modular equation 

(3) h'' = a" mod p. 

Given g, h, and a as in (j^J, then ||2J) is clearly satisfied and the common value 
is g"^^ modulo p. Conditions on g and ft, in jSJ can (sometimes) be translated 
into conditions on h and a in Q. On the other hand, given a pair (ft, a) which 
satisfies Q, we can attempt to solve for g such that {g, ft) satisfies ^ and translate 
conditions on (ft, a) into conditions on {g,h). Again, we will investigate using 
various side conditions. 

Using the same notation as in IBl , we will refer to an integer which is a primitive 
root modulo p as PR and an integer which is relatively prime to p — 1 as RP. An 
integer which is both will be referred to as RPPR and one which has no restrictions 
will be referred to as ANY. In some instances, • will be used to stand for any one 
of these four conditions. 

All integers will be taken to be between 1 and p — 1, inclusive, unless stated 
otherwise. If N{p) is, as above, the number of solutions to such that g is a 
primitive root and ft is a primitive root which is relatively prime to p — 1, then 
we will say N{p) — rr,/; rppr(p), {F for "fixed points") and similarly for other 
equations and conditions. Likewise the number of solutions to ^ will be denoted 
by T (for "two-cycles") and the number of solutions to (|3J| will be denoted by C 
(for "collisions"). If OYdp{g) — ordp(ft), we say that gORDft. 

The first part of this paper focuses on solutions to Q , with Section|5]covering the 
basic heuristics used and the lemmas which can be proven about them. Section |3| 
presents the conjectures about solutions to Q which follow from the heuristics, 
and Section 21 proves some new theorems which give support to the conjectures. 

The middle of the paper deals with solutions to Q and ©. Section [S] examines 
the relationship between solutions of the two equations, while Section |H1 presents 
the heuristics used to estimate the number of solutions to these two equations and 
the conjectures that follow from these heuristics. 

The later sections of the paper deal with average versions of the conjectures 
and results presented in previous sections. Section sets out the lemmas we need 
and gives average versions of the conjectures. Section [S] gives average versions of 
the results we have proved, where possible, and makes conjectures on the others. 
Section El discusses further work to be done along the lines of this paper. 

2. The "Independence" of Order and GCD 

The fundamental observation at the heart of the estimation of i^g rr.^ rppr(p) is 
that if ft is a primitive root modulo p which is also relatively prime to p — 1, then 
there is a unique primitive root g satisfying namely g = reduced modulo 
p, where ft denotes the inverse of ft modulo p — 1 throughout this paper. Thus 
to estimate N{p), we only need to count the number of such ft; g no longer has 
to be considered. We observe that there are 4>{p — 1) possibilities for ft which are 
relatively prime to p — 1, and we would expect each of them to be a primitive 
root with probability (f>(jj — l)/(p— 1). This heuristic uses the assumption that the 
condition of being a primitive root is in some sense "independent" of the condition 
of being relatively prime. 
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Heuristic 2.1. The condition of xRP is independent of the condition that xPR, 
in the sense that for all p, 

#{x € 1}: xRPPR} 

p-l 

_ #{x£{l,...,p-l}:xRP} #{xe a;PR} 

p — 1 P ~ 1 

That this is essentially the case was proved in J2| and in [2] . We start with the 
key lemmas of 2 . Fix a prime p. Let 

V = V{a, r,N) = {a,a + r,...,a+{N- l)r} 

be an arithmetic progression, where a, r, and N are positive integers such that 



VC {l,...,p}. Let 
(this is called V in 0), 
and 



V^^ = {xeV: a; PR} 
V^^ = {xGV: xRP}, 



V 



RPPR 



{x e V: xRPPR}. 



Finally, for any set of integers S, let 

iS''^'-' — ja; G iS: X = y''" mod p for some y} 
(fc-th powers x modulo p) and 

= G 5 : a; = mod d}. 

Then: 

Lemma 2.2. Let S be a set of integers and e a divisor of p — 1. Then 
#{xeS: gcd(a;,p-l)=e}= /i(fc)#5efc, 

I e 

where fJ-{k) is the Mobius function. 

Lemma 2.3 (Lemma 4 of Let S be a set of integers. Then 

k\p-l 

Lemma 2.4 (Lemma 5 of p > 3 &e a prime number, V — V{a, r, N), and 

let k and d be integers between 1 and p — 1 such that k divides p — 1 • Then 



< Vp(l + lnp). 



It should be noted that [5] only proves Lemma [2.41 for gcd(r, d) = 1, but the 
proof goes through more generally. 

Now the "independence" of RP and PR: 

Lemma 2.5 (Lemma 6 of 0). Let V — V{a, r, N) with gcd{r,p — 1) = 1. Then 



Hp - 1) 
p-i 



< d{p - 1) + dip - 1)^Vp(1 + Inp). 
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As the second author observed in J^, the factors of d{p — 1) which occur here 
can in fact be improved to X]d|p-i ~ 2"'^"^^ using the same proof; this is 

also done in ^H). In addition, if p — 1 | N then the first d{p — 1) term may be 
omitted. 

In fact, several times in jS] the following more general heuristic was used: 

Heuristic 2.6. The order of x modulo p is independent of the greatest common 
divisor of x and p — 1, in the sense that for all p, 



-^#|a; e {1, . . . ,_p - 1}: gcd(x,p - 1) = e, ordp(a;) 



p-l 



f 

e {!,..., p- 1}: gcd(x,p- 1) = e} 

p-l 



X 



--^#|a;G {!,..., p-l}:ordp(a;)= ^ 



To prove a rigorous form of this we need slightly less generality in the sequence 
than in Lemma [2. 51 (The observations on Lemma [2.51 likewise hold here.) 

Lemma 2.7. Let e and f be divisors of p — 1, and N a multiple of p — 1. Let 
V = V{l,l,N) and 

{ P — ^ 

V' = <x eV: gcd{x,p- 1) = e, ordp(a;) — — - — 



Then 



<d(p-l)'VP(l + lnp)- 



With the use of the more general version of Lemma the proof of Lemma IT7I 
is essentially the same as that of Lemma 12.51 

An equivalent way of thinking about Heuristic 12.61 is to fix a primitive root h 
modulo p and say that the discrete logarithm log with base 6 is a "random map" 
considered in terms of divisibility; that is, that gcd(loga;,p — 1) (which equals 
(p — l)/ordp(x)) is distributed independently of gcd(a;,p — 1). If we apply this 
discrete logarithm to we get a new equation: 



(4) /ilogg = log/i modp— 1. 

Looking at Q with the "random map" idea in mind, we see that gcd((?,p — 1) 
seems to be independent of this equation. This is the idea underlying the following 
heuristic: 

Heuristic 2.8. Among solutions to the greatest common divisor of g andp—1 
is independent of all other conditions on the order and greatest common divisor of 
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g and h, in the sense that for all p, 
1 



-^#{.9: O holds, gcd{h,p- 1) = e, 



p — 1 p — 1 

ordp(/i) = — ordp(5) = — — , gcd{g,p- 1) = n 



^^-^#|.9: O 'io^c^S; gcd{h,p- 1) = e, ordp(/i) = oi'dp(5) = ^-^| 



^ -#{5: O /ioWs, gcd(g,p- 1) = n}. 



p-1 

Heuristic 12.81 unlike Heuristics 12.11 and 12 . 61 cannot yet be made rigorous. 

3. Conjectures for Fixed Points 

The following conjectures and theorems on fixed points were listed in ^ and 
corrected in the unpublished notes [7]. 

Proposition 3.1. Fg any JiRp{p) = 1). 

Theorem 3.2 (Zhang, independently by Cobeli and Zaharescu). 

Fg PR^hRPPnip) = FgPRJiRp{p) 

= FgPR^hPR{p) 

— Fg ANY, hRPPpip) 
= Fg ANY JiPRip) 

Conjecture 3.3. 

(a) Fg ANY. h ANY (p) ~ p-l. 

(b) FgPR^hANYip) ~ (t>ip- !)■ 

(C) FgRp^h.ip) ~ (j){p-l)/{p- I) Fg ANY, h,iP)- 
(d) FgRPPR,/i,(p) « 1)/(P- l)FgPR^h,ip)- 

Remark 3.4. Note that Conjecture 1(c) of is incorrect. In (QJ if /i PR then g PR 
also, so Fg ANY,hPRip) is equal to i^g pr, ft, rppr(p) and not different as was originally 
conjectured. 

Proposition 13. II follows directly from the fact that g = h'^. Theorem 13 . 21 also fol- 
lows, with the application of Lemma l2.5l (That is, Heuristic l2.1l l Coniecture l3.3ljSjl 
is essentially the same but we need to consider whether h is an e-th power, where 
e = gcd(/i,p — 1). Thus the conjecture uses Heuristic 12.61 More specifically, we 
see that can be solved exactly when gcd(/i,p — 1) = e and h is an e-th power 
modulo p, and in fact there are exactly e such solutions. Thus 

(5) Fg ANY ji ANY (p) = ^ eT{e,p). 

e\p-l 

where 

T{e,p) = i^[h€V{lA,p~lt^ : gcd(/i,p-l)=e}. 
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According to Heuristic 12.61 we can model this sum using a set of independent 
random variables Xi, . . . , Xp^i such that 

1) with probability 



1 otherwise. 

Then the heuristic suggests that -Fg any,?;, any(p) is approximately equal to the ex- 
pected value of Xi + ■ ■ ■ + Xp-i, which is clearly p — I. 

Conjecture l3.3lfE|l was justified in [5] using the argument that gPR should be 
independent of gcd(/i,p— 1) and ordph. This is somewhat dubious on the face of it, 
since if holds then the order of g is certainly constrained by both gcd{h,p — 1) 
and ovdph. The assumption is not necessary, however. 

Observe first that if Q holds with g PR then gcd{h,p — 1) = gcd(log/i,p — 1). 
Then we apply the following elementary lemma: 

Lemma 3.5. Let gcd{a,q) = gcd{b,q) — d. Then the number of solutions of 

ax = b mod q 

with gcd{x,q) = 1 is given by (j){q)/(f>{q/d). In particular, there are always between 
1 and d solutions. 

Thus the number of solutions to with g PR and /i ANY is 

P - 1 1 0(P - 1) 



d\p~i 



#{x e {l,...,p-l}: gcd{x,p- 1) = d, ordp(a;) 



0((p-l)/d) 



which by Heuristic 12.61 is approximately equal to 



1 fJp-AV Hp-^) 



<t>{p-i). 



This argument justifies Conjecture l3.3l|EI) . 

Conjectures I3.3ljrj l and l3.3l|H|l were justified in |S] with Heuristic 12.81 in fact the 
conjectures are merely special cases of the heuristic. 

In Section 01 we will try to approximate the error term in Conjectures I3.3ljs|) 
and lOP using Lemma ETtI The results, however, will not be entirely satisfactory. 
With this in mind, we will also use Heuristic 12.61 to model the distribution of the 
values of -Fg any,/i any(?')- Let Xi, . . . , Xp-i be as above. Then wc wish to find cr^, 
the expected value of 




Note that the expected value of XhXj is gcd{h,p — 1) ii h ~ j and 1 otherwise. 
Using this, an easy computation shows that 

h=l d\p-l ^ ^ 

In particular, a < p^l'^^'^ for every e > 0. Thus we have the following: 
Conjecture 3.6. There are 0(2:/ In x) primes p < x for which 

\Fg ANY, h ANY (p) - (p - 1)1 > p'/'+' 

for every e > 0. 
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Some progress toward proving this conjecture is described in Section 0] 
Proposition 13.11 Theorem 13.21 and Conjecture are summarized in Table ^ 
which appeared in 7 . The table also contains new data collected since [CI- 
TABLE 1. Solutions to 



(a) Predicted formulas for F{p) 



g\h 


ANY 


PR 


RP 


RPPR 


ANY 




_ 0(p-i)" 
~ (p-i) 


=0(p-i) 


_ 0(p-i)" 
~ (p-i) 


PR 


~0(p-i) 


^ </'(p-i)" 


_ 0(P-1)" 


^ 4>{p-ir 


(p-i) 


~ (p-1) 


(p-i) 


RP 


~0(p-i) 




4>{p-iy 


0(p-i)" 


~ (p-l)2 


- (p-i) 


~ (p-l)2 


RPPR 


0(p-i)" 
~ (p-i) 


0(p-i)" 


_ 0(p-i)" 
~ ip-iy 


0(P-1)" 
~ (p-l)2 


(b) Predicted values for F(100057) 




ANY 


PR 


RP 


RPPR 


ANY 


100056 


9139.46 


30240 


9139.46 


PR 


30240 


9139.46 


9139.46 


9139.46 


RP 


30240 


2762.23 


9139.46 


2762.23 


RPPR 


9139.46 


2762.23 


2762.23 


2762.23 


(c) Observed values for F(100057) 


9\h 


ANY 


PR 


RP 


RPPR 


ANY 


98506 


9192 


30240 


9192 


PR 


29630 


9192 


9192 


9192 


RP 


29774 


2784 


9037 


2784 


RPPR 


9085 


2784 


2784 


2784 



4. Theorems on Fixed Points 

The first rigorous result on this subject was Theorem 13.21 Both JS] and |2] 
provided bounds on the error involved; we will use notation closer to 

Theorem 4.1 (Theorem 1 of ^J. 



^gPR,/iRPPR(p) 



<f>ip-l 



<d(p- 1)^^(1 + lnp). 



p-1 

Proof. Apply Lemma [2.51 with V = 7^(1, l,p — 1). (The observations on d{p — 1) 
apply.) □ 

We next turn our attention to i^g any. /i any (p)- Recall from Section |31 that its 
value can be expressed by (O. The quantity T{e,p) which occurs there can be 
straightforwardly evaluated using Lemmas 12.21 and l2 . 41 We can also use the follow- 
ing characterization: 

Lemma 4.2. Let k \ p ~ 1. Then 



T 



l<J<fc, = {~j)' = k' modp}. 



JOSHUA HOLDEN AND PIETER MOREE 



Proof. For each integer h with gcd{h,p — 1) = (p — l)/fc, h ~ j{p — l)/k for some 
1 5: J !i with gcd(j, k) — 1, such that, moreover, 

j ^— i = x^P-^^'^ mod p 
k 

for some integer a;. It follows that 



— 1 mod p 



and hence 

(-j)'' = fc'' mod p. 
(Note that p \ k.) On observing that if 

z'' = I mod p, 

then 



mod j3 



for some integer x, the proof of the reverse implication easily follows. 

We now have the following results: 
Proposition 4.3. Let e \ p — 1. Then 



□ 



(a) 



e 



< d 



p-1 



y/p{l + Inp). 



(b) r(i,p) = </)(p-i). 

(c) If k is a divisor of p^\ such that 2k^ < p, then T 

(d) 0<r(e,p) <0^^"^ 



p-1 



P -0. 



(e) \FgANYMANYip) - b - 3)1 < 1) 1) - - l)j Vp(1 + 

(f) For any E, 1 < E <p - 1, 

\FgANy,hANY{p) -{p-l)\<E d{p~ + Inp) + - l)d£^(P " 1), 

where 

dk{n)^#{d\{p-l):d<k}. 
Proof. The cardinality of T{e,p) equals 

#[heV{l,l,p-lf'> : gcd(/i,p-l) = e} 



by Lemma 
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for some —1 < rje.k < 1, by Lemma 

'lp-1 



E 



p-1 



for some — 1 < jye < 1 



p-1 



riey^il + lnp)d 



p-1 



from whence part [^follows. 

Parts El and 131 are clear from the definition. 

Part follows from Lemma l4.2l since for such values of k one has 

< fc'^ - (-jf < p 

for any j between 1 and fc, relatively prime to k. (This was observed by an anony- 
mous referee.) 

Part 1^ follows upon noting that 

E eT(e,p)= E 

e|p— 1 e\p—l 

= {p-l) + 77^(1 + lTLp)d {p - 1) a{p - 1) 



p-1 



r]ey/p{l + lnp)d 



p-1 



for some — 1 < < 1 and then applying partEJ 
Part 13 is similar; observe that 



E ^ ^(S'P) 

e\p-l 



E 

e|p-l 
e<E 

E 

e|p-l 
e<E 



p-1 



p-1 



e T]e^/p{l + \iip)d 

p-1 











fp- 







e|p-l 



= (p - 1) + E e ??eN/p(l + lnp)d 



e\p-l 
e<E 



■q' ^ e(j) 

e\p-l 
e>E 

^' E(^"i> 

e|p-l 



p-1 



p-1 



{p-l)+Efidip- 1)2^(1 + Inp) + 7;' E (P - 1) 



e|p-l 



- (p - 1) + S ?? - 1)2Vp(1 + Inp) + r/(p - l)dp_i (p - 1), 
where — 1<?/<1,— l<?/e<l, <!■ 



□ 
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Unfortunately for partO a{p — 1) — 3{p — l)/2 = O(plnlnp) in the worst ease, 
although if p is a Sophie Germain prime cr(p— 1) — 3 (p— l)/2 = 3, and the "average 
case", averaging over a range of p, is a{p — 1) — 3(p — l)/2 w 0.70386(p — 1). (See 
later in this section for more on Sophie Germain primes, and Sections [7| and |S1 for 
further details of the "average case".) Thus the "error" term for any,/i any(p) 
will be larger than the main term for infinitely many p. In fact, this estimate is 
even weaker than the rather trivial bound 

1) < Fg/KNYMANYip) < '"^ (^T^) - - - 1) 

e\p-i V e y 

obtained from parts [E] and |3] of the proposition. (On the basis of an heuristic 
argument we conjecture that the average order of 



e|p-l 



p-1 



is ciphip with ci a positive constant.) A little thought reveals the problem: since 
=ff{h e 7^(1, 1, J3 — l)'*^-* : gcd{h,p — 1) = e} is multiplied by each divisor e of p — 1; 
an error of even 1 in calculating the number of elements in the set for a large value 
of e will result in an error of 0{p — 1). 

Part 13 gives us something of an improvement; but it does not solve the problem 
in general. In order to make the term E d{p — 1)^y^(1 + Inp) be even 0{p — 1), 
we must pick E < ^p — 1, which makes dp^{p — 1) < d{p — l)/2 by elementary 
counting of divisors. Thus the "error" term will still be of larger order than the 
main term. 

On the other hand, the line of argument from part|E]works if we restrict to primes 
p for which 

£:(p) = max{e: e I p- 1, T(e,p) > 0} 

is not too large. (Thus, the error in T{e,p) will not be multiplied by too large an 
e.) 

Proposition 4.4. Suppose that 1/4 </?<!, E{p) < p^ , and 5 > Q then 

Fg ANY. h ANY {p) = {p-l) + Os {p'/^+^+') . 

More specifically, 

\FgmYMAMYip) - (p - 1)1 < p^'^+^d{p - 1)2(2 + \np). 
Proof. By the assumption on E{p), Q, and Proposition I4.3ljnj ). we have: 



FgAm,hAHY{p) ^ ^ eT{e,p) 



e\p-l 



e|p-l 
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for some — 1 < 771 < 1 



p-l- 



e|p-l 



p-l 



+ 77ipi/2+'3d(p -1)2(1 + In p) 



□ 



= p-l + ri2d{p - l)p^-'^ + 77ipi/2+'3d(p - 1)2(1 + inp) 
for some — 1 < 772 < 

= p - 1 + T]3p^/^+^dip - 1)2(2 + \np) 
for some — 1 < 773 < 1 

= p-l + (pl/2+'3+*) , 

where we used the facts that d{n) = Os (n^) for every S > and (pin) < n. 

Remark 4.5. One reason to consider the more specific version of this proposition is 
to aid in computer searches such as the one described in pp. 

Proposition 14.41 is. of course, only useful if there exist sufficiently many primes 
satisfying E{p) < p^ for some appropriate /3. For instance, (3 needs to be less than 
1/2 before the error term is less than the main term: 

Corollary 4.6. Suppose E{p) < ^j^^; 5 > 0. Then 

FgANYjimvip) = {p-l) + o{p). 

In fact, we will prove that there are 3> x/lnx primes p < x for which E{p) < 



P 



,0.3313 



and thus that there are S> x/lnx primes p < x such that 



FgANYMmvip) = {p-l) + . 
The proof of this starts with the following application of Lemma [4.21 



X 



,3-3q /I 3Q-1+3.5 , 



Vln 



X I primes 



Proposition 4.7. Let S > 0, a> 2/3. Except for O 
p < X we have 

E{p) < p^ln^+^p. 

In particular, letting a — 2/3, except for O (^x/lii^^^^ x^ primes p < x we have 

£;(p) <p2/3ln2/3+*p. 

Proof. Let fs{x) — x^^" / In"^'' x. If p < x is a prime not dividing 

n n ((-^r-fc'^), 



p 



l<k<U{x} 3 = 1 
i3,k) = l 



then, by Lemma [4. 21 
for some fci implies 



T 



P-l 
fci ' 



ki > fs{x) > 



p\>0 



P-l 

pa p 
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and hence 

E{p) <p"hi"+''p. 

The non-zero integer P has 

\k<fsix) ] 

distinct prime divisors. These are the possible exceptions to the incquahty 

E(j,) < p-^ln^+^p. 



□ 



We can now prove: 

Proposition 4.8. There are ^ x/lnx primes p < x for which E{p) < pC-33i3_ 

Proof. It is a deep result of Fouvry (see, e.g., jjj), that ^ x/lnx primes p < x 
are such that p — 1 has a prime factor larger than -^^ combination with 

Proposition ^21 it follows that there are ^ j;/lna; primes p < x for which E{p) < 
pO.668 g^jjj p — 1 has a prime factor larger than Since E{p) is a divisor of 

p — 1 it must divide the factors of p — 1 besides the largest, and thus E{p) < p0-33i3 
for any such primes. □ 

Letting /5 = 0.3313 and S = 0.002 in Proposition 14.41 and invoking Proposi- 
tion^^ we now have: 

Theorem 4.9. There are 3> x/lnx primes p < x such that 

FgANYMANvip) = {p-l) + (p^/s) . 

More specifically, there are 3> x/lnx primes p < x such that 

\Fg AMY, h ANY (p) - (p - 1)1 < /-"'"db - 1)^(2 + Inp). 

Remark 4.10. If one can establish that in Fouvry's assertion, 0.6687 can be replaced 
by some larger 6 (up to 6* = 3/4), then in Theorem l4.9l the exponents 5/6 and 0.8313 
can be replaced by3/2 — ^-fj and 3/2 — for any 6 > 0. 

The most well-known primes p with p — 1 having a large prime factor arc the 
Sophie Germain primes. These are the primes p such that p — 1 = 2q with q a 
prime. For these primes it is easily shown (using Proposition l4.3l|T!^ with k ^ I and 
k = 2) that 

Eg ANY,hANY{p) = T{l,p) + 2T{2,p). 
Proceeding as in the proof of Proposition I4.3I|^ , the following result is then ob- 
tained: 

Proposition 4.11. If p is a Sophie Germain prime, then 

|^'gANY,/iANY(p) " (P " 3)| < 2^(1 + Inp) 

By sieving methods it can be shown that there are <C x/ log^ x Sophie Germain 
primes p < x. On the other hand, it is not known whether or not there are infinitely 
many Sophie Germain primes. 

In fact, we can state a similar result for primes p of the form p— 1 = mq as long as 
q is prime and m is sufficiently small. (This was observed by an anonymous referee.) 
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Let W be the Lambert W function, which has the property that W{x)e^^^'' = x 
for any x. Then as long as m < hi(p/2)/Vl^(ln(p/2)), any divisor A; of to wiU have 
the property that 2k^ < p. Thus Proposition I4.3ljr!j l gives us 

Fg ANY jiANy{p) = X!*^ T{e,p) 

and thus: 

Proposition 4.12. If p is a prime as described above, then 

\Fg ANY, h ANY (p) - (p - 1 - m)| < 2d{m)a{m)y/p{l + Inp). 

(The factor 2d{m)a{m) can sometimes be improved, as was the case for Sophie 
Germain primes.) 

It is also worth asking how large E{p) can be with respect to p. We put forward 
the following conjecture: 

Conjecture 4.13. Let a < 1 . There exist infinitely many primes p with E{p) > p" . 

The idea is that amongst the numbers of the form 

fc'-(-j)", l<J<k, gcd(j,fc) = l, 

there will be many that are close to being a prime and that if q is a large prime 
divisor of such a number, then E(q) will be large. Taking k — 29 and j = 5 we 
infer, for example, that the prime 

2929 + 
34 

satisfies E{q) > q°-^^^. If k is odd and 

is a prime for some 1 < j < k, then E{q) > {q — 1)^"^/'^. 

Turning back to the general case, the situation where g is PR and h is ANY 
follows the argument explained in the justification of Conjecture I3.3l|b)l . and uses 
Lemma I2. 71 to estimate the error term. It is very similar to the previous case, and 
unfortunately has the same problem in the general case: 

Proposition 4.14. 

(a) 

\Fg PR,/. ANYb) - Hp - 1) - 2| < d{p - i f (^a{p -l)-^{p- 1)^ ^(1 + Inp). 
(b) For any E, l<E<p-l, 

\Fg prmany{p) - <P{p -1)\<E d{p - 1)2^(1 + Inp) + 0(p - l)dp_i {p - 1). 
We can proceed in the same fashion as Theorem 14.91 however, to prove: 
Theorem 4.15. There are ^ x/\nx primes p < x such that 

Fg PRMAMYip) - 0(p - 1) + O (//^) . 

More specifically, there are 3> x/\nx primes p < x such that 

\FgPRMANY{p) 1)1 < p°-''^'d(p - 1)^(2 + Inp). 
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Finally, we should mention that the second author (in pointed out that we 
could also estimate the number Gg pr,/i any(p) of values h such that there exists 
some g satisfying with g PR and /i ANY. From 



G 



g ANY, h ANY 



[p) = ^ Mh- ordph = - — gcd(/i,p- 1) = el, 

e\p-l ^ ^ 



it was shown: 
Theorem 4.16. 



GgPR,/iANY(p) 

P - 1 , . 



e|p-l 



p-l 



< d{p-lfy/^il + lnp). 



Similarly, we can estimate 

GgANY,hANY{p)= J2 1)^'^: gcd(/i,p-l) = e}. 



e\p-l 



giving: 

Theorem 4.17. 



Gg any,/iAny(p) — 



1 , /p- 1 



e\p-l 



< 



1)2^^(1 + In p). 



Since we are no longer counting multiple solutions for each value of h the problem 
with the error terms discussed above disappears; the error terms are 0{p^^'^^'^) while 
the main terms look on average like a constant times p. 

(For completeness, we should note that if h is RP and/or PR, then 

Gg,,h,{p) = F^,g,M,{p)- 

Heuristic 12 . 81 would also predict that 

GgRPji,{p) « (pip- l)/(p- l)GgANY,/7..(p) 

and 

GgRPPR,/i,(p) W (t>ip-- 1)/(P- l)GgPR,;i.(p)-) 



5. Equivalence of the Equations for Two-cycles 

As observed in conditions on ^ can sometimes be translated into condi- 
tions on ||3J| in a relatively straightforward manner. Table |21 reproduced from [7], 
summarizes these straightforward relationships. 

We can go slightly further, however. Taking the logarithm of the two equations 
of Q with respect to the same primitive root b gives us new equations: 

h log g = log a mod p ~ I; 
a log (7 = log /i modp— 1. 

Let d = gcd(/i, a,p — 1), and let uq and vq be such that 

uoh + vqu = d mod p ~ 1. 
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a\h 


ANY 


PR 


RP 


RPPR 


ANY 






gANY 
hRP 


5 PR 
/iRPPR 


PR 






.9 PR 
hRP 


5 PR 
/iRPPR 


RP 


/lANY 
gORDh 


gPR 
hPR 


hRP 
gORDh 


5 PR 
/iRPPR 


RPPR 


gPR 
/iRPPR 


gPR 
/iRPPR 


5 PR 
/iRPPR 


5 PR 
/iRPPR 



By using the Smith Normal Form, we can show that © is equivalent to the equa- 
tions: 

= log /i- ^ logo modp-1; 
d log g = vq log h + uo log a mod p — 1 , 

or: 

f^h/d ^ ^a/d j^^Q^ 

(8) 

/ = /i"«a"« mod p. 
In the case where d = gcd(ft., a,p — 1) = 1 then this becomes just 

(9) 



1 = a" mod p; 
g = /i^oa"" mod p. 



Thus: 



Proposition 5.1. Ifgcd{h,a,p—l) = 1, i/ien there is a one-to-one correspondence 
between triples {g,h,a) which satisfy ((SJl and pairs {h,a) which satisfy (j2J), and the 
value of g is unique given h and a. In particular, this is true if h is RP or a is RP. 

It was observed in [Sj that when neither h nor a is RP the relationship between ^ 
and (PI is less clear. It was claimed there that given a pair {h,a) which is a solution 
to © we expect on average gcd(a,p — 1) gcd{h,p — 1)/ gcd{ha,p — 1)^ pairs {g, h) 
which are solutions to 

It is clear from (jS]), however, that when d — gcd(/i, a,p — 1) ^ 1 this is not the 
correct way to think about things. The proper equation to look at in this case is 
not but 

(10) h^'"^ = a"/'^ mod p. 

We will use C" to denote the number of solutions to (|10|) . 

Now ^ shows that a nontrivial solution to H10() produces d pairs (5, h) which 
are nontrivial solutions to Q if h'"°a'^° is a d-th power modulo p, and otherwise no 
solutions. (As in 6 , we consider the "trivial" solutions to l(2Jl to be the ones that 
are also solutions to (^).) Thus the following heuristic implies that every nontrivial 
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Table 3. Relationship between solutions to ||2J) and solutions to ifTUIl 





ANY 


PR 


RP 


RPPR 


ANY 


ANY, a ANY 

E(T/C") « 1 


hPR 
aRP 


hRP 
aANY 


/iRPPR 
aRPPR 


PR 


/iANY,aANY 

E(T/C") w "^(^"/^ 


hPR 
aRP 


hRP 
a PR 


/iRPPR 
aRPPR 



solution to l|10() produces on average one pair {g, h) which is a nontrivial solution 
to 101. 

Heuristic 5.2. For any pair {h,a), let d = gcd{h, a,p — 1), and let uq and vq be 

such that 

Uoh + VQa = d mod p — 1- 

Then (/i, a) i—> h'"°a"° is a random map even when restricted to gcd(ft,, a,p—l) = d, 
in the sense that 

#{{h,a): h^'oa^o = y mod p, gcd(/i, a,p - 1) = d} _ 1 

#{{h,a): gcd{h,a,p~l)^d} ~ #{y e {1, . . . ,p - 1}} ' 

On the other hand, there is a solution to ||SJ| with .gPR if and only if h'"°a'^° is 
exactly a d-th power modulo p; that is, ordp(/i""a"") — (p — 1) /d. Then Lemma 1X31 
says that the number of such solutions is (f>{p— l)/(j>{{p~ Thus Heuristic 15. 21 

implies that every solution to 1(1171) produces on average 4>{p— l)/{p— 1) pairs {g, h) 
which are solutions to (|2J) with gPR. These relationships between conditions on Q 
and conditions on (|10|l are summarized in Tabled where E(T/C") is the expected 
number of solutions to given a solution to (flUll . 

6. Heuristics and Conjectures for Two-Cycles 

We mentioned in Section [21 that we could view x i~+ log "random map" in 

some sense. We will also suppose that the map x i-^- mod p is "random" , in a 
slightly different sense. 

Heuristic 6.1. The map x mod p is a random map given the obvious re- 

strictions on order, in the sense that for all p, given y S {1, . . . ,p ~ 1}, then 

#{a; e {1,. ..,p- 1}: = y mod p} 

_ #{z € {1, ... ,p- 1}: (ordpz)/ gcd(z,ordpz) ordpt/} 
#{w e {1, . . . ,p- 1}: ordpW = ordpy} 

(The fraction on the right-hand side was referred to in [S| as ifS„i/i^Tjn, where 
m = ordpy. The arguments there used this heuristic implicitly.) 
In fact, we would like a slightly stronger version of this: 

Heuristic 6.2. The map a; i— > x^ mod p is a random map even when restricted 
to a specific order and greatest common divisor, in the sense that for all p, given 
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y G {1, . . . ,p — 1} such that oidpij ~ f / gcd(e, /), then 

4{x e {1, . . . ,p- 1}: .t"" = y mod p, gcd(x,p - 1) e, ordpX = /} 

_ #{2 € {1, . . . 1}: gcd(z,p- 1) ^ e, ordpZ ^ /} 
#{w e {1, . . . ,p- 1}: ordpii; = ordpy} 

Heuristic 16.21 like Heuristic 12. 81 cannot yet be made rigorous. 
Using ProDOsition l5.1l and Heuristic l6.2l we have the following conjectures from 
as corrected in 

Conjecture 6.3. 

(a) TgANYJiRp(p) = C'/irp^qany(p) ~ 20(p- 1). 

(b) TftRp,gORD/i(p) = ChRP,aRp[p) ~ (t>iP~- 1) + !)■ 

(c) TgPR,,,Rp(p) = C,,RP,aPR(p) « 20(p- 1). 
(d) 

7gPR,/iRPPR(p) = rgANY,/iRPPR(p) 

= ChRPPR,a.(p) = Chm.aRPPR{p) 

« - i)Vb - 1) + (f'ip - i)'Vb - !)'■ 

(e) ThANY^gORDhip) = ChANY,aRpip) ~ 2(/)(p - 1). 

(f) TgPRjiPR{p) = TgANY,hPR{p) = ChPR,aRp{p) ~ 2(/)(p - 1)'^ / {p - 1). 

In Conjectures and l6.3ljsj l it should be noted that the observed values in 
question must be exactly (not just approximately) equal, by the symmetry of 
The same applies in Conjectures 16. and l6.3ip . 

We also made in !^ the following conjectures about solutions to Q. 



Conjecture 6.4. 



C;tANY,aANY(p) ~ (p - 1) + ^ 



0(m) 



m\p— 1 



E 



(f>{dm) 



,d|(p-l)/m 



(b) If p — 1 is squarefree then Ch any m any (p)^ {p-l)+ H (q + 1 

q\p-l ^ 

where the product is taken over primes q dividing p — 1 . 

(c) In general, 



C/iANY,a ANy(p) 

1 



3 



q 



a + l 



(a + lj 2(a + l) 



(a + l)g"+i +g 



q-1 ' ' 

Q,2^a+3 _ (20,2 + 2a - + (a2 + 2a + - q^ - q 



[q-lf 

where the product is taken over primes q dividing p — 1 and a is the exact 
power of q dividing p — 1. 

(d) Ch PR,a any(p) ~ '2(j){p - 1). 

(e) Ch ANY, a pr{p) ~ 2(t){p - 1). 
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(f) Ch PR.aPRip) - Hp - 1) + Hp - If lip - !)• 

(The formulas in Conjecture I6.4lj5!jl and Conjecture I6.4lj^ appear in jBj with 
typos. They appear correctly here and in 7 .) 

These conjectures rely on Heuristics 12 . 6l and l6 . 21 and a standard birthday paradox 
argument. Thanks to Lemma 12.71 we are now closer to making them into rigorous 
theorems. All of the conjectures on ||2Jl are summarized in Tabled) which appeared 
in |7]. The table also contains new data collected since f^. As in [BI, we distinguish 
between the "trivial" solutions to (O, where h — a, and the "nontrivial" solutions. 

Table 4. Solutions to Q 



(a) Predicted formulas for the nontrivial part of C{p) 



a\h 


ANY 


PR 


RP 


RPPR 


ANY 


~ ^ |T„| 


«0(p-i) 


~0(P-1) 


<t>(p-ir 
~ (p-i)2 


PR 


~0(p-i) 


_ 0(p-i)'" 
~ (p-i) 


_ 0(P-1)" 
~ (p-1) 


_ <i>ip-i)^ 
~ (p-i)^ 


RP 


~0(P-1) 


0(p-i)^ 


4'{p~ir 


4'{p-ir 


~ (p-i) 


~ (p-i) 


~ (p-i)^ 


RPPR 






_ <p{p-ir 
~ (p-ir 


_ <i>{p-ir 
~ {p-i)2 


(b) Predicted values for the nontrivial part of C(100057) 


a\h 


ANY 


PR 


RP 


RPPR 


ANY 


190822.0 


30240 


30240 


2762.225 


PR 


30240 


9139.458 


9139.458 


2762.225 


RP 


30240 


9139.458 


9139.458 


2762.225 


RPPR 


2762.225 


2762.225 


2762.225 


2762.225 


(c) Observed values for the nontrivial part of C(100057) 


a\h 


ANY 


PR 


RP 


RPPR 


ANY 


190526 


30226 


30291 


2820 


PR 


30226 


9250 


9231 


2820 


RP 


30291 


9231 


9086 


2820 


RPPR 


2820 


2820 


2820 


2820 



As observed in Section [S] to estimate the number of solutions to (|2Jl in the 
remaining cases we need to look at (|1(J|) . We start by estimating the number 
of nontrivial solutions. This requires a finer version of Heuristic 16.21 which takes 
d = gcd(/i, a,p — 1) into account. 

Heuristic 6.5. Fix d, e such that e divides p ~ 1 and d divides e. Then the map 
X ^ x^l'^ mod p is a random map even when restricted to a specific order and 
greatest common divisor, in the sense that for all p, given y G {1, ... ,p — 1} such 
that oidpy = f / gcd(e, /), then 

#^x e {l,...,p-l}: x^/'^ = y modp, gcd(a;,p - 1) = e, ordpa; /| 

_ #{ze {!,..., p- I}: gcd{z,p- 1) ^ e, ordpZ = /} 
e {1, . . . ,p - 1} : ordpW = ordpy} 
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Now we can approximate the number of nontrivial solutions of (|10|1 using a 
similar birthday paradox argument to that used in 6 for Conjecture 16.41 

By Heuristic 16. 51 we see that the nontrivial part of C^a^y aANvip) equal to: 



#{{h,a): h ^ a, (flTijl holds. gcd{h,a,p- 1) = d} 

d\p-i 

= J2 J2 a):h^a,m holds, gcd{h,p- 1) = e, gcd(a,p - 1) = /} 



d\p-l ej\p-l 
gcd(e J)=d 

#7rr 

d\p—l e,/|p— 1 m|p— 1 
gcd(e J)=d 



where 



Sm,r = \x: ordp(a;^/'') = rri, gcd(a;,p - 1) = r| 

~ U |a; : ordp(a;) = nm, gcd — , nm^ = n, gcd(a:;,p — 1) = r| 

n\(p-l)/m 

= (J {x: ordp(a;) = nm, gcd(x,p — 1) = r} 

n| (p— 1) /m 



and 

7m = {a;: ordpX = m}. 
Then, by Heuristic 12.61 we have: 



#Srn,r ~ ^ ^-^#{0; : ordp(a;) = nm} • #{a; : gcd(a;, p - 1) = r} 

n\{p-l)/m 



p — 1 



n| (p— 1) /m 
gcd^ ,nm^— 71 
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Thus 



4t^{{h,a): h ^ a, (fllHl holds. gcd(/i, a,p - 1) = d} 

d\p-i 

( 

1 



V V V ^ 

^ ^ ^ (hivtl) 

e,/|p-l m|p-l ^ 
gcd(e,/)=d 



E 



n| (p— 1) / m 
\gcd(|, nm)^n 



p-1 



E 



t|(p-l)/m 
\gcd(i, tm)=t 



E E E E E ■ 

dip— 1 e,/|p— 1 m|p— 1 n| (p— 1) /m £| (p— 1) / ra 
gcd{ej)^d gcd(f, nm)^n gcd( ,im)^i 



(f>(t'm)(f> 



p-l 



(p — l)2(/)(m) 



Proposition 6.6. For any d dividing q, 



E E E E 

e,/|g m|g n\q/m t\q/m 
gcd{e,f)^d gcd(f ,nm)^n gcd(^,im)^t 



(f>(m) 



q J2 



where J2{r) is the Jordan function J2{r) — X]s|r ^"^1^ (i)- 

Proof. This can be verified directly when g is a prime power; then use multiplica- 
tivity for the general case. □ 

It seems likely that a more combinatorial proof of this proposition can be found. 
Finally, we see that the nontrivial part of ^n^y a any (p) approximately 



E E E E E ( V) ( V) 



dlp—l e,/|p— 1 rn\p—l n\{p—l)/m t\(p—l)/m 
gcd{ej)=d gcd(f, nm)=r! gcd( 



{p — l)2(/)(m) 



^ p-i 



J. 



p-l 



As we saw in Section|21 Heuristic l5.2l implies that every nontrivial solution to I|1U|) 
with /lANY and a ANY produces on average one pair {g,h) which is a nontrivial 
solution to Thus the nontrivial part of T^ANY./t any(p) and also the nontrivial 
part of AMY aANY(p) ^'^^ both approximately equal to p — 1. 

Similarly, we saw that Heuristic 15.21 implies that every solution to (|10|) with 
HANY and a ANY produces on average (j){p — l)/{p — 1) pairs {g,h) which are 
solutions to lO with g PR. Combining this with the previous argument, we see that 
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(A(p-i). 



These calculations justify the following conjectures: 
Conjecture 6.7. 

(a) TgPRjiANvb) ~ 20(p- 1). 

(b) TgANY.^iANvb) ~ 2(p- 1). 

These conjectures were made in on the basis of an extension of the "random 
map" idea for x <—> logcc. As was explained there, however, it was not clear how 
to formulate the idea as a heuristic that could be proved in a rigorous form. The 
new analysis explains the complications in the relationship between C/iANY.aANV 
and rgANYj/tANY encountered in jH). 

Finally, Heuristic 15. 21 can be used to justify the last set of conjectures from 7/. 

Conjecture 6.8. 



The conjectures on ^ are summarized in Table which appeared in The 
table also contains new data collected since [B]. The data sets from Tables ^ 
^ and were collected on a Beowulf cluster with 19 nodes, each consisting of 2 
Pentium III processors running at 1 Ghz. The programming was done in C, using 
MPI, OpenMP, and OpenSSL libraries. The collection took 68 hours for all values 
of F{p), T{p), and C(p), for five primes p starting at 100000. 



Thus far we have considered variants of Brizolis conjecture for a fixed finite field 
with p elements. In the next two sections we consider average versions of these 
results and conjectures. The conjectures predict a main term; the results give a 
main term and an error term. The following sequence of lemmas gives the behavior 
of the main terms, on average. The only result from analytic number theory we 
need in order to prove these lemmas is the so-called Siegel-Walfisz theorem. As 
usual it{x; d, a) denotes the number of primes p < x such that p = a modulo d, and 
Li(a:) = dt/\nt denotes the logarithmic integral. 

Lemma 7.1 ([El Satz 4.8.3]). Let C > be arbitrary. Then 



uniformly for 1 < d < In x, {a,d) = 1, where the constants depend at most on C. 

The following result for fc = 1 is well-known, see e.g. |12II16| . For arbitrary k it 
was claimed by Esseen P] (but only proved for k = 3). We present a proof based 
on an idea of Carl Pomerance jE] . An analogue of this result for natural numbers 
was proved by Issai Schur in his Winter Semester lectures of 1923-24. He proved, 
for any complex number s, that 



(a) TgRpji,{p) w [(j){p- l)/(p- l)]TgANY,/i.(p)- 

(b) TgRPPRJ„(p) « [(j){p- 1)/{P- l)]TgPR,/i,(p). 



7. Averages of the main terms 



7r(x; d, a) 



U{x) 




m 
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Table 5. Solutions to ^ 



(a) Predicted formulas for the nontrivial part of T{p) 



9\h 


ANY 


PR 


RP 


RPPR 


ANY 


w(p-i) 


_ 0(p-i)" 
~ (p-i) 


^<Pip-i) 


_ 0(p-i)" 


PR 




0(p-i)" 


Hp-i)'" 


4>{p-ir 


~ (p-i) 


- (p-i) 




RP 




_ 0(p-i)^ 


_ 0(p-i)" 


_ 0(p-l)'' 


~ (P-i)^ 


~ (p-i) 


- (P-iV 


RPPR 




_ 0(p-i)' 


_ 'Pip-^y-' 


^ 4>iP'ir 




~ (p-i)^ 


~ (p-i)^ 




(b) Predicted values for the nontrivial part of r(100057) 


9\h 


ANY 


PR 


RP 


RPPR 


ANY 


100056 


9139.5 


30240 


2762.2 


PR 


30240 


9139.5 


9139.5 


2762.2 


RP 


30240 


2762.2 


9139.5 


834.8 


RPPR 


9139.5 


2762.2 


2762.2 


834.8 


(c) Observed values for the nontrivial part of T(100057) 


9\h 


ANY 


PR 


RP 


RPPR 


ANY 


100860 


9231 


30291 


2820 


PR 


30850 


9231 


9231 


2820 


RP 


30368 


2882 


9240 


916 


RPPR 


9376 


2882 


2882 


916 



For an instructive discussion of this result see |HI Chapter 4.2]. 
Lemma 7.2. Let k and C be arbitrary real numbers with C > 0. Then 



where 

(1 - i/p)'^ - 1 



p-1 

Proof. (The implicit constants in this proof depend at most on C and k.) Let gk 
be the Dirichlet convolution of the Mobius function and {(f){n)/n)^. Notice that 
gk is a multiplicative function and that {(j){n)/n)^ — '^d\n 9f'i^)- Using the latter 
identity we infer that 

p<x ^ ' p<x d\p—l d<x 

If p is a prime, then clearly gk{p) — (1 — 1/p)''^ 1 and gk{p^) = for r > 2. For 
every k there exist a constant Ck such that |gfc(p)| < Ck/p for every prime p. Note 
that 

(11) Mn)|<<!!i^«.-- 
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where uj{n) denotes the number of distinct prime divisors of n. Now write 
^gk{d)Tr{x;d,l) = ^ gk{d)7T{x;d,l) + ^ gk{d)7T{x; d,l) 

d<x d<ln^ X In^ x<d<x 

= Si + S2, 

say, where -B > is arbitrary for the moment. In order to estimate 5*1, we invoke 
Lemma IV. II This gives 

d<ln^ X 

Now 



gk{d) _^gk{d) „ / v-^ \9k{d)\ 



d^B m h m Li^, m 

We have d/(j){d) = Y[p\d{^ - P^^T^ < UpKdC^ - P^'^V^ < Inrf, using Mertens' 
formula. This together with the estimate lfTT|l shows that the sum J^dLi 9k{d)/(f){d) 
is absolutely convergent. Since, moreover, g^ {d) /4>{d) is multiplicative, we find using 
the Euler product identity that Y^^=i 9k{d) / (pid) = Ak- Using lfTT|l we infer that 



|5fe(rf)| Ind Bin In a; 



Emd 



Invoking the estimates 7r(a;; d, 1) < xld. and leads to S-y — 0{x\vl ^•'x).On 
putting everything together and taking B sufficiently large, the result follows. □ 

Remark 7.3. Using, e.g.. Maple it turns out that in the range < fc < 27 the 
constant Ak is quite well approximated by Q-^-0iik+Q.0278k rpj^^ constant Ai equals 
the Artin constant. Let 

Ak,n = n (1 + ii^l/Ptl') and Cn{k) = C(fc) n (1 - P^')- 

'p>n ^ P ' p<n 

If fc is a natural number and n is sufficiently large, then Ak^n — nfc>2 
where the exponents ek,r are integers that can be explicitly computed ^l]. In 
this way Ak and indeed any other Euler product appearing in this paper can be 
evaluated with arbitrary precision, cf. Theorem 2 of ^T]. In Table El we present a 
few examples. 



Table 6. The constants Ak 



k 


Ak 


1 


0.37395 58136 19202 28805 • • • 


2 


0.14734 94000 02001 45807 • • • 


3 


0.06082 16551 20305 08600 • • • 


4 


0.02610 74463 14917 70808 • • • 


5 


0.01156 58420 47143 35542 • • • 


6 


0.00525 17580 26977 39754 • • • 


7 


0.00243 02267 63032 72703 • • • 
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If a and b are natural numbers, then by (a, b) we denote the greatest common 
divisor of a and b and by [a, b] the lowest common multiple. 

Lemma 7.4. Let a and b be natural numbers and C > 0. We have 
(12) E ^^X-^i^'^ ^ ^("' b)A2Uix) + Oa,t,C (^) , 

p=l mod a 
p=l mod 

where 

'^("'') = MP ^ p^-p^-2p+i n p3_2^ + i - 

We have 



Proof. The proof can be carried out similarly to that of Lemma l7.2l We introduce 
an arithmetic function hafi that satisfies 

(15) n loyin ^ 

^\(a,b)' ^y{a.,b)^ d\m 

On noting that the left hand side of (|15|1 is a multiplicative function of m, it follows 
that ha,b is multiplicative. Then ha^b is easily evaluated. Taking m = {p — l)/[a, 6] 
we find that (|12|l holds with constant 

^ij^) ha,,{d)cl>{[a,b]) 
0([a,5])[a,6]2£-^ &]) ' 

After some manipulations the latter expression, in which the sum has as argument 
a multiplicative function, is seen to equal 

Mfi^ A ^^^^ yr ip-l){p'-2p+l) yr p{p^ - 1) 

^ ' ^(/)([a,6])[a,W2 ii p(p3_p2_2p+l) -^1 p3-2p+l' 

p\ab P\-(ijy^ 

On further simplification this is seen to equal r(a, b)A2. It can be shown that 

n (^-^)(^^-i) <4.i3. 

p 

This inequality and the fact that the local factors in the two products appearing 
in (|16|) are all > 1, then establishes the truth of (|14|l . □ 

Lemma 7.5. Let C > be arbitrary. We have 



EAE-4^)-^Li(x)+oc 

±^ P ~ 1 Z-^, e V e J 



p<x e|p— 1 

w/iere 



In*^ X 



S = Y[il- ) ~ 0-57595 99688 92945 43964 • ■ 



is the Stephens constant (see llTJl ). 
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Proof. Using the fact that (f>{n)/n ~ "^din t^W/^ with n ^ {p — l)/e, wc find on 
making the substitution de = v and swapping the order of summation that 



p — i ^ — ' e , „ , 

p<x e|p— 1 ■D<a;— 1 p<2; 

p=l mod V 

On sphtting the summation range in the range v < In^ x and v > In^ a; for an 
appropriate B, the result is then deduced as in Lemma 17.21 □ 

Remark 7.6. Let V — {KijJ^o be a sequence of integers. We say that m divides 
the sequence ^ if m divides at least one term of the sequence. Denote by S{V) the 
natural density of primes p dividing V, if it exists. Stephens ^7] proved, subject 
to the Generalized Riemann Hypothesis (GRH), that 5{V) exists for a large class 
of second order linear recurrences. Moreover he showed, subject to GRH, that 
for these sequences S{V) equals a rational number times the Stephens constant. 
His work is extended and corrected in 12103. For more details on the numerical 
approximation to 5* given in the lemma see ^2 P- 397]. 

Lemma 7.7. Let C > be arbitrary. We have 



1 V- Jp-^V . C(3) 



Aij^U{x)+Oc 



^ (p_l)2 ^ e ; ^C(2) Vln^x 



where 



AitA = TT 1 - -A— ~ 0.27327 30607 85299 15983 • 



Proof. Using the fact that {<j){n)/n)'^ = '^d\n d^i'^) with n = {p — l)/e (for the 
definition of g2{d) see the proof of Lemma 17^ . we find on making the substitution 
de = V and swapping the order of summation that 

2.^2.^^) = L -2 2. 1- 



P ^ \ - / 

p<x e\p—l v<x—l p<x 

p=l mod V 

On splitting the summation range in the range v < In^ x and v > In^ x for an 
appropriate B, the result is then deduced as in Lemma 17.21 □ 

Remark 7.8. Lemma 17.41 suggests that the sum in the previous lemma is asymptot- 
ically equal to A2 ^(^i Some computation shows that, in agreement with 
Lemma I7. 71 we have 

A2l^r{e,e)=A2l^-[[^-^-^^^A,— 
Lemma 7.9. Let C > be arbitrary. We have 



(17) "E— T >: '/'Ml 1^ ^1 =UUix) + 0. 



m\p-l 



^ p~ I ^ ^ \ d / Vln^a; 

P<X I -.^ T / 
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C/.TT(i + _?P!±^li±l_)«3.4210.... 



wh 

TT = T[ (^ 4- 

p(p+l)(p2- 1) 

f 

Proof. Let us define hi{n) — '^('^)/'^)^- l^ote that hi is multiplicative. Let 

us denote the left hand side of l(T7|l by /i. We have 



p<a;m|p— 1 ^ 

^ m 5 

p<xrn\p—l ^1 P-i 

p=l mod V 

Proceeding as in most of the earlier lemmas, we then deduce that H17|l holds true 
with constant 

f. E.i.M%(!) ^ 2 + {2k-i){i-i/p) \ 

h "'^w ^}\ h p'" J' 

which, after some tedious calculation, is seen to equal U. □ 
Lemma 7.10. Let C > be arbitrary. We have 

p<x m\p-l I 

where 

p' + 2p4 - + p2 + 1 

p 

Proof. Let us denote the left hand side of ((TS)l by 12- We have 

3 



11 V p3(p+ l)3(p- 1) / 



m 

p<2; m|p— 1 



P-1 



p<a;m|p— 1 !- 

E5|.'5/ll(%3(f) 



p=l mod 
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Proceeding as in most of the earlier lemmas, we then deduce that l|18|l holds true 
with constant 



E 



E.|.^fel(%3(f) 

v(f>(v) 



p \ k=l ^ 

which, after some tedious calculation, is seen to equal L. 



□ 



The final lemma we will present is actually used in our error terms and not our 
main terms, but it is of the same character as the others in this section. 

Lemma 7.11. Let k and C be arbitrary real numbers with C > 0, fc > 0. Then 

X 



J2 = r,Li(x) + Oc,k 



{p-1 



In*^ X 



whe 



and 



d\n 



Proof. Using the fact that ak{n)/n'^ — J2d\n'^'^ f''^'' ~ V'^'^j see that 

E^^^ = E E i = Ei-(^;^'i)- 



p<x 



p<x d\p—l 



d<x 



On splitting the summation range in the range v < \n x and w > In x for an 
appropriate i?, the result is then deduced as in Lemma 17.21 □ 

We have not yet computed the constants using the techniques described in 
Remark 17.31 but a rough approximation using Maple gives the results shown in 
Tabled 

Table 7. The constants Tk 



k 


Tk 


1 


2.20386- • • 


2 


1.38098- • • 


3 


1.15762- • • 


4 


1.07163- •• 


5 


1.03397--- 


6 


1.01646--- 


7 


1.00808 - - - 
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8. Averages of the conjectures and results 

Given the lemmas from the previous section it is trivial to establish average 
versions of some of our results. For example, we have: 

Theorem 8.1. Let C > be arbitrary. We have 

> — = A2Li(x) + Oc —c- ■ 

Proof. Follows at once from Theorem 14.11 Lemma [7.21 and the observation that, 
for every e > 0, Y.p<x d{p - + - 1) = 0{x^l'^+'). □ 

Similarly, we have: 

Theorem 8.2. Let C > be arbitrary. We have 

sr^ GgPRMMYip) _ , C(3) . . p f X 

\ P-I CM ^ ^ ^ ^ 

and 

p<x ^ 

Proof. Likewise follows from Theorems 14 . 1 61 and 14 . 1 71 and Lemmas 17.51 and l7 . 71 □ 

Propositions 14.31 and are unfortunately more problematic, due to the pres- 
ence of the exceptionally large error term. As remarked there, the factor of a{p — 
1) — 3{p — l)/2 in the error term can be averaged as 



^ p — 1 



a(p-l)-3(p-l)/2 

p<x 

« 0.70386Li(x) + Oc 



In^ X 



(Apply Lemma |7.1 11 1 The factor of ^Jp, however, will still result in a error term 
with an order of magnitude larger than the main term. 

On the other hand, almost all of the conjectures on (Q, and Q lend them- 
selves easily to average versions of the sort treated above. For instance, we have: 



(a) Y^tim^m^^uix) 



Conjecture 8.3. 

^gANY,/i ANy(p) 
P ' 

p<.x 

(b) y^>M^^«AiLi(x). 
p — 1 

p<.x 

These conjectures and the average versions of our other conjectures are summa- 
rized in Tables |H1 [HI and ^| The data sets in these tables were collected on the 
same Beowulf cluster with similar software. The collection took 17 hours for all 
values of E,<. f^, Ep<x and E,<. f^, for . = 6143. 
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The results of the preceding section unfortunately do not allow us to evaluate 
the average value of the right hand side of Conjecture I6.4lj3^ l . Let us put 

2 



m\p—l \d\m / 



Numerically it seems that 



1 

■(x) p - 1 



lim — - > = 1.644 • 

with rather fast convergence. We are thus tempted to propose the following con- 
jecture. 

Conjecture 8.4. Let C > be arbitrary. We have 

y CaANY,.ANY(p) ^ 2.644 • • • Li(x) + Oc ( ^ 

Although we cannot prove (or even completely justify) this at present, we can 
establish the following result. 

Lemma 8.5. For every x sufficiently large we have 



1 w{p) 
7r(a;) ^ P — 1 



1.444 < —r 2^ < 3.422 

Proof. Note that 



m\p~l \d\^ J m|p-l \d.\E^ 



where the first inequality, by the way, is exact if p — 1 is squarefree. The result now 
follows on invoking Lemma F? . 1 01 and Lemma IT!^ □ 
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Table 8. Average Solutions to (QJ 



(a) Predicted approximate values for -^^4^ X]p<x ^(p) 



9\h 


ANY 


PR 


RP 


RPPR 


ANY 


1 


A2 


Ai 


A2 


PR 


Ai 


A2 


A2 


A2 


RP 


Ai 


^3 


A2 


A^ 


RPPR 


A2 


^3 


M 





(b) Predicted approximate numeric values for -^^^j-r X]p<a; P{p) 



9\h 


ANY 


PR 


RP 


RPPR 


ANY 


1 


0.1473494000 


0.3739558136 


0.1473494000 


PR 


0.3739558136 


0.1473494000 


0.1473494000 


0.1473494000 


RP 


0.3739558136 


0.0608216551 


0.1473494000 


0.0608216551 


RPPR 


0.1473494000 


0.0608216551 


0.0608216551 


0.0608216551 



(c) Observed values for x — 6143 



9\h 


ANY 


PR 


RP 


RPPR 


ANY 


0.9904034375 


0.14851987375 


0.37592474125 


0.14851987375 


PR 


0.3749536975 


0.14851987375 


0.14851987375 


0.14851987375 


RP 


0.3739629175 


0.0612404775 


0.15122619375 


0.0612404775 


RPPR 


0.14792889125 


0.0612404775 


0.0612404775 


0.0612404775 
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(a) Predicted approximate values for the nontrivial part of 



a\h 


ANY 


PR 


RP 


RPPR 


ANY 


1.644- •• 


Ai 


Ai 


Az 


PR 


Ai 


A2 


A2 


Az 


RP 


Ai 


A2 


A2 


Az 


RPPR 


A3 


A3 


Ai 


Az 



(b) Predicted approximate numeric values for the nontrivial part of 



a\h 


ANY 


PR 


RP 


RPPR 


ANY 


1.644- •• 


0.3739558136 


0.3739558136 


0.0608216551 


PR 


0.3739558136 


0.1473494000 


0.1473494000 


0.0608216551 


RP 


0.3739558136 


0.1473494000 


0.1473494000 


0.0608216551 


RPPR 


0.0608216551 


0.0608216551 


0.0608216551 


0.0608216551 



(c) Observed values for the nontrivial part for x — 6143 



a\h 


ANY 


PR 


RP 


RPPR 


ANY 


1.6113896337 


0.3655877485 


0.3765792535 


0.060552674 


PR 


0.3655877485 


0.14608992975 


0.1478925015 


0.060552674 


RP 


0.3765792535 


0.1478925015 


0.146740421 


0.060552674 


RPPR 


0.060552674 


0.060552674 


0.060552674 


0.060552674 
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Table 10. Average Solutions to ^ 



(a) Predicted approximate values for the nontrivial part of 



9\h 


ANY 


PR 


RP 


RPPR 


ANY 


1 


A2 


Ai 


As 


PR 


Ai 


A2 


A2 


A3 


RP 


Ai 


^3 


A2 


Ai 


RPPR 


A2 


^3 


As 


Ai 



(b) Predicted approximate numeric values for the nontrivial part of 



9\h 


ANY 


PR 


RP 


RPPR 


ANY 


1 


0.1473494000 


0.3739558136 


0.0608216551 


PR 


0.3739558136 


0.1473494000 


0.1473494000 


0.0608216551 


RP 


0.3739558136 


0.0608216551 


0.1473494000 


0.0261074463 


RPPR 


0.1473494000 


0.0608216551 


0.0608216551 


0.0261074463 



(c) Observed values for the nontrivial part for x = 6143 



9\h 


ANY 


PR 


RP 


RPPR 


ANY 


0.9933146575 


0.14884923375 


0.3772284725 


0.06150940625 


PR 


0.37381320625 


0.14884923375 


0.14884923375 


0.06150940625 


RP 


0.36701980375 


0.06089004625 


0.146029115 


0.02640389625 


RPPR 


0.14697618875 


0.06089004625 


0.06089004625 


0.02640389625 



SMALL CYCLES OF THE DISCRETE LOGARITHM 



33 



9. Conclusion and Future Work 

Most of the theorems of Section 01 suffer from an error term which is larger than 
the main term. This seems to be a direct consequence of the use of Lemma l2 . 71 and 
may be unavoidable. However, we have shown that we can put some limits on how 
often the error actually approaches the worst case, and we have conjectured that 
even better limits exist. The best next step may be further data collection in order 
to empirically count the number of primes with the potential for large errors. 

We have begun to put our conjectures on a firm footing, deriving them from 
as few heuristics as possible. We hope to be able to prove these heuristics in the 
future. Then we should be able to convert the conjectures into theorems by merely 
estimating the error term. 

The project of extending our analysis to three-cycles and more generally fc-cycles 
for small values of fc, mentioned in still remains to be done. Along similar lines, 
Igor Shparlinski has suggested attempting to analyze the average length of a cycle, 
which could have many practical applications in the analysis of cryptographically 
secure pseudorandom bit generators, as mentioned in [Hj. 
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